Docnizer logo

Docnizer

Personal document hub

Security and trust

How Docnizer protects user documents

Last updated: February 26, 2026

Infrastructure

AWS-backed architecture

Core services are deployed on AWS with encrypted storage, managed database, and transactional email delivery.

AWSS3RDSSESKMS

Encryption

Current security posture

  • Encryption in transit via HTTPS/TLS.
  • Encryption at rest for stored document data.
  • Access control and authenticated API boundaries.
  • Transactional email only for OTP and security workflows.

Note: End-to-end encryption is a roadmap feature and will be announced only after full rollout.

How OTP works

OTP and account security emails are sent through AWS SES. We send only transactional emails: verification OTP, password reset OTP, and security alerts.

Abuse Prevention Controls

  • OTP resend cooldown and request throttling are enforced.
  • Per-user and IP/device-aware limits are applied to verification and reset flows.
  • Automatic lockout after repeated failed OTP verification attempts.
  • Transactional email channel is restricted to OTP, reset, and security alerts.
  • Operational monitoring is maintained for email delivery health.

Architecture snapshot

Infrastructure overview of Docnizer deployment and data flow.

Docnizer AWS deployment architecture

Compliance posture

Docnizer follows GDPR-aligned privacy principles including data minimization, purpose limitation, restricted access, and user-driven deletion controls.

Formal certifications or legal compliance claims are published separately once completed.